feat(helm): new configuration options
zbindenren committed Nov 3, 2022
1 parent c0c1db5 commit a0508cb
Showing 15 changed files with 228 additions and 106 deletions.
12 changes: 6 additions & 6 deletions .github/actions/check-deployment/action.yml
@@ -16,18 +16,18 @@ runs:
- shell: bash
run: |
echo "Check number of kubenurses"
test $(kubectl -n ${{ inputs.namespace }} get pods -l app=kubenurse \
test $(kubectl -n ${{ inputs.namespace }} get pods -l app.kubernetes.io/name=kubenurse \
| wc -l) -eq 4 # Test for 3 Pods + header
- shell: bash
run: |
echo "Check for unexpected log lines"
test $(kubectl -n ${{ inputs.namespace }} logs -l app=kubenurse \
test $(kubectl -n ${{ inputs.namespace }} logs -l app.kubernetes.io/name=kubenurse \
| grep -v "I'm ready to help you" \
| wc -l) -eq 0 \
- shell: bash
run: |
echo "Check if the kubenurse had any restarts"
kubectl -n ${{ inputs.namespace }} get pods -l app=kubenurse \
kubectl -n ${{ inputs.namespace }} get pods -l app.kubernetes.io/name=kubenurse \
-o jsonpath='{range .items[*]}{.status.containerStatuses[0].restartCount}{"\n"}{end}' \
| (! grep -v 0) # Validate for 0 restarts
- shell: bash
@@ -76,8 +76,8 @@ runs:
run: |
echo "Describe resources on failure"
kubectl -n ${{ inputs.namespace }} get pods -o wide
kubectl -n ${{ inputs.namespace }} logs -l app=kubenurse
kubectl -n ${{ inputs.namespace }} describe pods -l app=kubenurse
kubectl -n ${{ inputs.namespace }} describe daemonsets -l app=kubenurse
kubectl -n ${{ inputs.namespace }} logs -l app.kubernetes.io/name=kubenurse
kubectl -n ${{ inputs.namespace }} describe pods -l app.kubernetes.io/name=kubenurse
kubectl -n ${{ inputs.namespace }} describe daemonsets -l app.kubernetes.io/name=kubenurse
kubectl -n ${{ inputs.namespace }} get events
if: ${{ failure() }}
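Review bot: Every `run:` step in both hunks still splices `${{ inputs.namespace }}` straight into the bash script, so the value is expanded into the script text before the shell parses it, and any whitespace or shell metacharacters in the input become part of the command line. Since these lines are being edited anyway, pass the input through the step environment and quote it: add `env:` with `NAMESPACE: ${{ inputs.namespace }}` to each step and call `kubectl -n "$NAMESPACE" get pods -l app.kubernetes.io/name=kubenurse`. The page does not show what the calling workflows pass for this input, so the actual exposure depends on who can influence it. The steps of this action that lie between and outside the two hunks would need the same change.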
4 changes: 2 additions & 2 deletions .github/workflows/ci-helm-deploy-nginx.yml
@@ -54,8 +54,8 @@ jobs:
timeout-minutes: 2
run: |
sleep 15 # wait for the scheduler to create pods
kubectl -n kube-system wait pods -l app=kubenurse --for=condition=Ready
kubectl -n kube-system get pods -l app=kubenurse
kubectl -n kube-system wait pods -l app.kubernetes.io/name=kubenurse --for=condition=Ready
kubectl -n kube-system get pods -l app.kubernetes.io/name=kubenurse
sleep 60 # Wait to generate some checks etc.
- name: Check deployment
uses: ./.github/actions/check-deployment
4 changes: 2 additions & 2 deletions .github/workflows/ci-kustomize-deploy.yml
@@ -50,8 +50,8 @@ jobs:
timeout-minutes: 2
run: |
sleep 15 # wait for the scheduler to create pods
kubectl wait pods -l app=kubenurse --for=condition=Ready
kubectl get pods -l app=kubenurse
kubectl wait pods -l app.kubernetes.io/name=kubenurse --for=condition=Ready
kubectl get pods -l app.kubernetes.io/name=kubenurse
sleep 60 # Wait to generate some checks etc.
- name: Check deployment
uses: ./.github/actions/check-deployment
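--- a/README.md
+++ b/README.md
@@ -18,31 +18,51 @@ The following command can be used to install kubenurse with Helm: `helm upgrade
 
 #### Configuration settings
 
-| Setting | Description | Default |
-| ---------------------------------|---------------------------------------------------------------------------------------------------- | --------------------- |
-| daemonset.image.repository | The repository name | postfinance/kubenurse |
-| daemonset.image.tag | The tag/ version of the image | v1.4.0 |
-| daemonset.podLabels | Additional labels to be added to the pods of the daemonset | []
-| daemonset.podAnnotations | Additional annotations to be added to the pods of the daemonset | []
-| daemonset.podSecurityContext | The security context of the daemonset | {}
-| daemonset.containerSecurityContext| The security context of the containers within the pods of the daemonset | {}
-| daemonset.tolerations | The tolerations of the daemonset | <code>- effect: NoSchedule </br>&nbsp; key: node-role.kubernetes.io/master</br>&nbsp; operator: Equal </br>- effect: NoSchedule </br>&nbsp; key: node-role.kubernetes.io/control-plane</br>&nbsp; operator: Equal</code>
-| daemonset.dnsConfig | Specifies the DNS parameters of the pods in the daemonset | {} |
-| daemonset.volumeMounts | Additional volumeMounts to be added to the pods of the daemonset | [] |
-| daemonset.volumes | Additional volumes to be added to the daemonset | [] |
-| namespace | The namespace where kubenurse will be deployed | kube-system |
-| serviceMonitor.enabled | Adds a ServiceMonitor for use with [Prometheus-operator](https://github.com/prometheus-operator/prometheus-operator) | false
-| serviceMonitor.labels | Additional labels to be added to the ServiceMonitor | {}
-| serviceAccount.name | The name of the service account which is used | kubenurse |
-| service.name | The name of service which exposes the kubenurse application | 8080-8080 |
-| service.port | The port number of the service | 8080 |
-| service.labels | Additional labels to be added to the Service |
-| ingress.enabled | Enable/ Disable the ingress | true |
-| ingress.className | The classname of the ingress controller (e.g. the nginx ingress controller) | nginx |
-| ingress.url | The url of the ingress; e.g. kubenurse.westeurope.cloudapp.example.com | dummy-kubenurse.example.com |
-| insecure | Control whether the http client verifies the ingress certificate (by default no verification) | true |
-| rbac.allow_unschedulable.enabled | Configure a clusterrole and clusterrolebinding if env KUBENURSE_ALLOW_UNSCHEDULABLE is set to false | false |
-
+| Setting | Description | Default |
+| ---------------------------------- | -------------------------------------------------------------------------------------------------------------------- | ----------------------------- |
+| daemonset.image.repository | The repository name | `postfinance/kubenurse` |
+| daemonset.image.tag | The tag/ version of the image | `v1.4.0` |
+| daemonset.podLabels | Additional labels to be added to the pods of the daemonset | `[]` |
+| daemonset.podAnnotations | Additional annotations to be added to the pods of the daemonset | `[]` |
+| daemonset.podSecurityContext | The security context of the daemonset | `{}` |
+| daemonset.containerSecurityContext | The security context of the containers within the pods of the daemonset | `{}` |
+| daemonset.tolerations | The tolerations of the daemonset | See Default tolerations below |
+| daemonset.dnsConfig | Specifies the DNS parameters of the pods in the daemonset | `{}` |
+| daemonset.volumeMounts | Additional volumeMounts to be added to the pods of the daemonset | `[]` |
+| daemonset.volumes | Additional volumes to be added to the daemonset | `[]` |
+| serviceMonitor.enabled | Adds a ServiceMonitor for use with [Prometheus-operator](https://github.com/prometheus-operator/prometheus-operator) | `false` |
+| serviceMonitor.labels | Additional labels to be added to the ServiceMonitor | `{}` |
+| serviceAccount.name | The name of the service account which is used | `Release.Name` |
+| service.name | The name of service which exposes the kubenurse application | `8080-8080` |
+| service.port | The port number of the service | `8080` |
+| service.labels | Additional labels to be added to the Service | |
+| ingress.enabled | Enable/ Disable the ingress | `true` |
+| ingress.className | The classname of the ingress controller (e.g. the nginx ingress controller) | `nginx` |
+| ingress.url | The url of the ingress; e.g. kubenurse.westeurope.cloudapp.example.com | `dummy-kubenurse.example.com` |
+| insecure | Set `KUBENURSE_INSECURE` environment variable | `true` |
+| allow_unschedulable | Sets `KUBENURSE_ALLOW_UNSCHEDULABLE` environment variable | `false` |
+| neighbour_filter | Sets `KUBENURSE_NEIGHBOUR_FILTER` environment variable | `app=kubenurse` |
+| extra_ca | Sets `KUBENURSE_EXTRA_CA` environment variable | |
+| check_api_server_direct | Sets `KUBENURSE_CHECK_API_SERVER_DIRECT` environment variable | `true` |
+| check_api_server_dns | Sets `KUBENURSE_CHECK_API_SERVER_DNS` environment variable | `true` |
+| check_me_ingress | Sets `KUBENURSE_CHECK_ME_INGRESS` environment variable | `true` |
+| check_me_service | Sets `KUBENURSE_CHECK_ME_SERVICE` environment variable | `true` |
+| check_neighbourhood | Sets `KUBENURSE_CHECK_NEIGHBOURHOOD` environment variable | `true` |
+| check_interval | Sets `KUBENURSE_CHECK_INTERVAL` environment variable | `5s` |
+| use_tls | Sets `KUBENURSE_USE_TLS` environment variable | `false` |
+| cert_file | Sets `KUBENURSE_CERT_FILE` environment variable | |
+| cert_key | Sets `KUBENURSE_CERT_KEY` environment variable | |
+
+Default tolerations:
+
+```yaml
+- effect: NoSchedule
+key: node-role.kubernetes.io/master
+operator: Equal
+- effect: NoSchedule
+key: node-role.kubernetes.io/control-plane
+operator: Equal
+```
 
 After everything is set up and Prometheus scrapes the kubenurses, you can build
 dashboards [as this example](./doc/grafana-kubenurse.json) that show network latencies and errors or use the metrics for alarming.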
8 changes: 4 additions & 4 deletions examples/daemonset.yaml
@@ -3,17 +3,17 @@ apiVersion: apps/v1
kind: DaemonSet
metadata:
labels:
app: kubenurse
app.kubernetes.io/name: kubenurse
name: kubenurse
namespace: kube-system
spec:
selector:
matchLabels:
app: kubenurse
app.kubernetes.io/name: kubenurse
template:
metadata:
labels:
app: kubenurse
app.kubernetes.io/name: kubenurse
annotations:
prometheus.io/path: "/metrics"
prometheus.io/port: "8080"
@@ -31,7 +31,7 @@ spec:
- name: KUBENURSE_NAMESPACE
value: kube-system
- name: KUBENURSE_NEIGHBOUR_FILTER
value: "app=kubenurse"
value: "app.kubernetes.io/name=kubenurse"
image: "postfinance/kubenurse:v1.5.1"
ports:
- containerPort: 8080
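Review bot: The first hunk moves `spec.selector.matchLabels` to `app.kubernetes.io/name: kubenurse`, and a DaemonSet selector is immutable in `apps/v1`, so applying this manifest over a DaemonSet created from the previous example is rejected until the old object is deleted and recreated. The example should say so, for instance with a comment above `selector:` such as `# selector label changed from app=kubenurse; delete the existing DaemonSet before applying`. `KUBENURSE_NEIGHBOUR_FILTER` in the second hunk has to stay in step with the pod labels, which it does here. The README table in this commit still lists `app=kubenurse` as the chart default for `neighbour_filter`, which is worth checking against the chart's values file (not shown on this page).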
4 changes: 2 additions & 2 deletions examples/service.yaml
@@ -4,7 +4,7 @@ apiVersion: v1
kind: Service
metadata:
labels:
app: kubenurse
app.kubernetes.io/name: kubenurse
name: kubenurse
namespace: kube-system
spec:
@@ -14,4 +14,4 @@ spec:
protocol: TCP
targetPort: 8080
selector:
app: kubenurse
app.kubernetes.io/name: kubenurse
2 changes: 1 addition & 1 deletion helm/kubenurse/Chart.yaml
@@ -3,5 +3,5 @@ apiVersion: v2
name: kubenurse
description: A Helm chart for Kubernetes to deploy kubenurse
version: 0.2.2
appVersion: "1.6.0"
appVersion: "1.7.0"
icon: https://avatars.githubusercontent.com/u/34368733
74 changes: 59 additions & 15 deletions helm/kubenurse/templates/_helpers.tpl
@@ -1,22 +1,66 @@
{{/* Build Kubenurse standard labels */}}
{{- define "common-labels" -}}
app.kubernetes.io/name: {{ .Chart.Name | quote }}
{{- end }}
{{/*
Expand the name of the chart.
*/}}
{{- define "kubenurse.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}

{{- define "helm-labels" -}}
{{ include "common-labels" . }}
helm.sh/chart: {{ printf "%s-%s" .Chart.Name .Chart.Version | quote }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "kubenurse.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}

{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "kubenurse.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}

{{/* Build wide-used variables */}}
{{ define "name" -}}
{{ printf "%s" .Release.Name }}
{{/*
Common labels
*/}}
{{- define "kubenurse.labels" -}}
helm.sh/chart: {{ include "kubenurse.chart" . }}
{{ include "kubenurse.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}

{{/*
Selector labels
*/}}
{{- define "kubenurse.selectorLabels" -}}
app.kubernetes.io/name: {{ include "kubenurse.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}

{{/*
Create the name of the service account to use
*/}}
{{- define "kubenurse.serviceAccountName" -}}
{{- if .Values.serviceAccount.create -}}
{{ default (include "kubenurse.fullname" .) .Values.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.serviceAccount.name }}
{{- end -}}
{{- end -}}

{{ define "image" -}}
{{ printf "%s:%s" .Values.daemonset.image.repository .Values.daemonset.image.tag }}
{{- end }}

{{- define "namespace" -}}
{{- default .Release.Namespace .Values.namespace | quote -}}
{{- end -}}
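Review bot: The `kubenurse.labels` and `kubenurse.selectorLabels` helpers emit their values unquoted, whereas the `common-labels` and `helm-labels` helpers shown in the same section pipe theirs through `quote`. A `nameOverride` or release name that YAML reads as a number, boolean or null would then render as a non-string label value and the manifest would be rejected. Quoting keeps it a string, e.g. `app.kubernetes.io/name: {{ include "kubenurse.name" . | quote }}` and `app.kubernetes.io/instance: {{ .Release.Name | quote }}`, and likewise for `helm.sh/chart` and `app.kubernetes.io/managed-by`. Separately, `kubenurse.serviceAccountName` falls back to the namespace's `default` ServiceAccount when `serviceAccount.create` is false and no name is set, so any RBAC meant for kubenurse would have to be bound to an account other pods may share. A comment on the helper, and a README row for `serviceAccount.create` (the table does not list it), would make that explicit.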
